Privacy Policy

Last updated: May 29, 2026

MailVeriQ Technologies ("MailVeriQ", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our MailVeriQ Gateway service.

1. Information We Collect

We collect information you provide directly to us, including:

• Account registration information (name, email, company, role)
• Email metadata processed through the gateway (sender, recipients, subject, timestamps)
• Email content temporarily held in quarantine for DLP review
• DLP policy configurations and audit trail data
• Usage data and analytics

2. How We Use Your Information

We use collected information to:

• Provide, maintain, and improve the MailVeriQ Gateway service
• Process and scan outbound emails per your configured DLP policies
• Generate audit logs and compliance reports
• Send notifications about quarantined messages and approval workflows
• Provide customer support and respond to inquiries
• Monitor system health and prevent abuse

3. Data Retention

Quarantined email content is retained according to your organization's configured retention policy (30, 90, or custom days). After expiration, email content is permanently deleted from storage. Audit logs and metadata are retained for the duration of your subscription plus 90 days.

4. Data Security

We implement enterprise-grade security measures including:

• AES-256-GCM encryption for data at rest
• TLS 1.3 for all data in transit
• PostgreSQL Row-Level Security for tenant data isolation
• Role-based access control with 9 granular permission levels
• Immutable audit trails for all system actions
• Regular penetration testing and security assessments

5. Data Sharing

We do not sell, rent, or trade your personal information. We may share data only with:

• Infrastructure providers (AWS) under strict data processing agreements
• Law enforcement when required by valid legal process
• Your organization's designated administrators and approvers

6. Tenant Isolation

Each customer organization's data is logically isolated using database-level Row-Level Security. No tenant can access another tenant's emails, policies, users, or audit data.

7. Your Rights

Depending on your jurisdiction, you may have the right to access, correct, delete, or export your personal data. Contact your organization's MailVeriQ administrator or reach us at privacy@mailveriq.com.

8. International Data Transfers

Data is processed and stored in AWS regions as selected during your tenant onboarding. For Enterprise plans, dedicated infrastructure in your preferred region is available.

9. Changes to This Policy

We may update this Privacy Policy periodically. We will notify tenant administrators of material changes via email at least 30 days before they take effect.

10. Contact Us

For privacy-related inquiries:
Email: privacy@mailveriq.com
MailVeriQ Technologies
Security & Privacy Team